Mitigating VRRP Attacks
Are the VRRP vulnerabilities critical? After all, added Layer 2 attacks can advance to exactly
the aforementioned results: ARP spoofing, Dynamic Host Configuration Protocol (DHCP) spoofing,
and so on. However, because the added attacks can be mitigated, as apparent in Chapters 2 and
6, VRRP is the alone accident exposure. This accident needs to be mitigated.
The acceptable account is that the attacks that use VRRP vulnerabilities assignment alone in the bounded LAN.
VRRP is alike added defended than HSRP from this angle because it rejects any VRRP
packets whose Time to Live (TTL) acreage is beneath than 255 (that is, back the packet has been
forwarded by at atomic one router).
Nevertheless, the attacks can still be launched locally. The means to abate those attacks
rely on abhorrent the antagonist from accomplishment accurate affidavit abstracts or sending VRRP
packets